RFC Errata
Found 4 records.
Status: Verified (1)
RFC 6234, "US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)", May 2011
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 5179
Status: Verified
Type: Editorial
Publication Format(s) : TEXT
Reported By: Russ Housley
Date Reported: 2017-11-06
Verifier Name: Roman Danyliw
Date Verified: 2022-01-19
Section 8.5 says:
* This file will exercise the HKDF code performing * the seven tests documented in RFC 4869.
It should say:
* This file will exercise the HKDF code performing * the seven tests documented in RFC 5869.
Notes:
Typo. Provide the correct reference in the code comment.
Status: Reported (2)
RFC 6234, "US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)", May 2011
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 5240
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: Yeong-u Kim (K.)
Date Reported: 2018-01-21
Section 6 says:
6.1. SHA-224 and SHA-256 Initialization For SHA-224, the initial hash value, H(0), consists of the following 32-bit words in hex: H(0)0 = c1059ed8 H(0)1 = 367cd507 H(0)2 = 3070dd17 H(0)3 = f70e5939 H(0)4 = ffc00b31 H(0)5 = 68581511 H(0)6 = 64f98fa7 H(0)7 = befa4fa4
It should say:
6.1. SHA-224 and SHA-256 Initialization For SHA-224, the initial hash value, H(0), consists of the following 32-bit words in hex. These words were obtained by taking the second 32 bits of the fractional parts of the square roots of the ninth through sixteenth prime numbers. H(0)0 = c1059ed8 H(0)1 = 367cd507 H(0)2 = 3070dd17 H(0)3 = f70e5939 H(0)4 = ffc00b31 H(0)5 = 68581511 H(0)6 = 64f98fa7 H(0)7 = befa4fa4
Notes:
The explanation for the way in which the initial hash value of SHA-224 was obtained is missing.
Errata ID: 6523
Status: Reported
Type: Editorial
Publication Format(s) : TEXT
Reported By: David Óscar Solé González
Date Reported: 2021-04-08
Section 6.4 says:
For i = 1 to N 1. Prepare the message schedule W: For t = 0 to 15 Wt = M(i)t For t = 16 to 79 Wt = SSIG1(W(t-2)) + W(t-7) + SSIG0(W(t-15)) + W(t-16) 2. Initialize the working variables: a = H(i-1)0 b = H(i-1)1 c = H(i-1)2 d = H(i-1)3 e = H(i-1)4 f = H(i-1)5 g = H(i-1)6 h = H(i-1)7 3. Perform the main hash computation: For t = 0 to 79 T1 = h + BSIG1(e) + CH(e,f,g) + Kt + Wt T2 = BSIG0(a) + MAJ(a,b,c) h = g g = f f = e e = d + T1 d = c c = b b = a a = T1 + T2 4. Compute the intermediate hash value H(i) H(i)0 = a + H(i-1)0 H(i)1 = b + H(i-1)1 H(i)2 = c + H(i-1)2 H(i)3 = d + H(i-1)3 H(i)4 = e + H(i-1)4 H(i)5 = f + H(i-1)5 H(i)6 = g + H(i-1)6 H(i)7 = h + H(i-1)7
It should say:
For i = 1 to N 1. Prepare the message schedule W: For t = 0 to 15 Wt = M(i)t For t = 16 to 79 Wt = SSIG1(W(t-2)) + W(t-7) + SSIG0(W(t-15)) + W(t-16) 2. Initialize the working variables: a = H(i-1)0 b = H(i-1)1 c = H(i-1)2 d = H(i-1)3 e = H(i-1)4 f = H(i-1)5 g = H(i-1)6 h = H(i-1)7 3. Perform the main hash computation: For t = 0 to 79 T1 = h + BSIG1(e) + CH(e,f,g) + Kt + Wt T2 = BSIG0(a) + MAJ(a,b,c) h = g g = f f = e e = d + T1 d = c c = b b = a a = T1 + T2 4. Compute the intermediate hash value H(i) H(i)0 = a + H(i-1)0 H(i)1 = b + H(i-1)1 H(i)2 = c + H(i-1)2 H(i)3 = d + H(i-1)3 H(i)4 = e + H(i-1)4 H(i)5 = f + H(i-1)5 H(i)6 = g + H(i-1)6 H(i)7 = h + H(i-1)7
Notes:
Identation correction on point 4. as it may lead to confussion and reader may think that point (4) may be done inside a loop (begining on point (3).
Status: Held for Document Update (1)
RFC 6234, "US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF)", May 2011
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 5238
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Yeong-u Kim (K.)
Date Reported: 2018-01-19
Held for Document Update by: Warren Kumari (Ops AD)
Date Held: 2018-01-22
Section 3 says:
e. The rotate left (circular left shift) operation ROTL^n(x), where x is a w-bit word and n is an integer with 0 <= n < w, is defined by ROTL^n(X) = (x<<n) OR (x>>(w-n))
It should say:
e. The rotate left (circular left shift) operation ROTL^n(x), where x is a w-bit word and n is an integer with 0 <= n < w, is defined by ROTL^n(x) = (x<<n) OR (x>>(w-n))
Notes:
A typo. The function argument has to be x, not X.